Upload
maribel-herandez
View
37
Download
0
Embed Size (px)
DESCRIPTION
Hybrid and Embedded Systems: Generalized Hybrid Systems. Edward A. Lee Robert S. Pepper Distinguished Professor UC Berkeley CPS Action Webs Meeting July 23, 2010 Berkeley, CA. Online. - PowerPoint PPT Presentation
Citation preview
Hybrid and Embedded Systems:Generalized Hybrid Systems
Edward A. Lee
Robert S. Pepper Distinguished Professor
UC Berkeley
CPS Action Webs Meeting
July 23, 2010
Berkeley, CA
Lee, Berkeley 2
Online
Online interactive versions of many of the examples in this talk can be accessed by clicking on the figures in the second paper here:http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-151.html
Lee, Berkeley 3
In a sense, the work here aims to generalize:
Statecharts [Harel 87] Argos [Maraninchi 91] Esterel [Berry & Gonthier 92] Abstract state machines [Gurevich 93] Hybrid systems [Puri & Varaiya 94, Henzinger 99] Timed automata [Alur & Dill 94] SyncCharts [Andre 96] I/O Automata [Lynch 96] *Charts [Girault, Lee, & Lee 99]
Lee, Berkeley 4
Motivating Example:Hybrid System
Finite State Machine
Concurrent Model Concurrent Model
Lee, Berkeley 5
Meta Model for FSMs in Ptolemy II
Initial state indicated in bold Guards are expressions that can reference inputs and variables Output values can be functions of inputs and variables Transition can update variable values (“set” actions) Final state terminates execution of the actor
Actor
FSM
Initial state
Transition
Ports
Ports
State
Final state
Guard (trigger) and actions
Lee, Berkeley 6
Extended State MachinesReference and manipulate variables on guards and transitions.
Extended state machines can operate on variables in the model, like “count” in this example.
0, 1, 2, 3, 4, 5, 5, 5, · · ·
“Set” actions are distinct from “output” actions. We will see why.
Variable
Lee, Berkeley 7
Modal Model Meta ModelHierarchical Composition
An actor’s behavior may be defined by an arbitrarily deep nesting of FSMs and refinements.
Actor
Refinement
FSM
State Transition
Refinement
Ports
Ports
Director determines semantics of the submodel
Lee, Berkeley 8
This model has two simple synchronous/reactive (SR) models as mode refinements and models their timed environment using a discrete-event (DE) director
SR Director
SR Director
Ptolemy II Enables Hierarchical Mixtures of MoCs
Lee, Berkeley 9
AND states
Here, two FSMs are composed under a synchronous/reactive director, resulting in Statecharts-like AND states.
Using a synchronous/reactive (SR) director yields Statechart-like semantics for concurrent state machines.
Lee, Berkeley 10
Operational Semantics:Firing
An actor’s behavior may be defined by an arbitrarily deep nesting of FSMs and refinements.
Fire
Execute output actions
Evaluate guardsand choosetransition
Current state
FireProduce outputs (maybe)Execute sub-model
according to local MoC
Lee, Berkeley 11
Operational Semantics:Postfiring
State changes are committed only in postfire, enabling fixed point iteration by using only firing.
Postfire
Set variable values
Make this the new current state
Current state
Postfire
Commit state changes
Lee, Berkeley 12
Fixed-Point Semantics of SR is Enabled by Fire/Postfire Separation
Result is a constructive semantics.
The example here requires multiple firings of the FSM actors to converge to the least fixed point.
Using a synchronous/reactive (SR) director yields Statechart-like semantics for concurrent state machines.
Lee, Berkeley 13
Directors Benefiting from Fire/Postfire Separation(which we call the Actor Abstract Semantics)
Synchronous/Reactive (SR) Execution at each tick is defined by a least fixed point of monotonic
functions on a finite lattice, where bottom represents “unknown” (getting a constructive semantics)
Discrete Event (DE) Extends SR by defining a “time between ticks” and providing a
mechanism for actors to control this. Time between ticks can be zero (“superdense time”).
Continuous Extends DE with a “solver” that chooses time between ticks to
accurately estimate ODE solutions, and fires all actors on every tick.
[Lee & Zheng, EMSOFT 07]
Lee, Berkeley 14
The Modal Model Muddle
It’s about time
After trying several variants on the semantics of modal time, we settled on this:
A mode refinement has a local notion of time. When the mode refinement is inactive, local time does not advance. Local time has a monotonically increasing gap relative to global time.
Lee, Berkeley 15
Modal TimeExample
Discrete event director places ticks on a (superdense) time line.
DiscreteClock generates regularly spaced events that trigger mode transitions.
These transitions are “history” transitions, so mode refinements preserve state while suspended.
Produce regularly spaced events in this mode.
Produce irregularly spaced events in this mode.
Lee, Berkeley 16
Modal TimeExample Mode transitions triggered at
times 0, 2.5, 5, 7.5, etc.
Events with value 1 produced at (local times) 0, 1, 2, 3, etc.
First regular event generated at (global time) 0, then transition is immediately taken. First irregular event generated at (global time) 0, one tick later (in superdense time).
Local time 1 corresponds to global time 3.5 here.
Lee, Berkeley 17
Variant using Preemptive Transition
Preemptive transition
First regular event is not produced until global time 2.5 (local time 0).
Lee, Berkeley 18
Time Delays in Modal Models
Triggers transitions at (global times) 0, 1, 2, 3, …
First output is the second input to the modal model, which goes through the noDelay refinement
Second output is the first input to the modal model, which goes through the delay refinement, which is inactive from time 0 to 1.
Lee, Berkeley 19
Variants for the Semantics of Modal Time that we Tried or Considered, but that Failed
Mode refinement executes while “inactive” but inputs are not provided and outputs are not observed.
Time advances while mode is inactive, and mode refinement is responsible for “catching up.”
Mode refinement is “notified” when it has requested time increments that are not met because it is inactive.
When a mode refinement is re-activated, it resumes from its first missed event.
All of these led to some very strange models…
Final solution: Local time does not advance while a mode is inactive. Growing gap between local time and global time.
Lee, Berkeley 20
More Variants of Modal Models Supported in Ptolemy II
Transition may be a reset transition Destination refinement is initialized
Multiple states can share a refinement Facilitates sharing internal actor state across
modes
A state may have multiple refinements Executed in sequence (providing imperative
semantics)
Reset transition (vs. history transition)
Lee, Berkeley 21
Still More Variants
Transition may have a refinement Refinement is fired when
transition is chosen Postfired when transition
is committed Time is that of the
environment
Lee, Berkeley 22
And Still More Variants Dataflow model
Fault model
Default transition
Nondeterminate transitions
Transition may be a “default transition” Taken if no non-default
transition is taken Compare with priorities
in SyncCharts
FSMs may be nondeterminate Can mark
transitions to permit nondeterminism
This example is a hierarchical FSM showing a thermostat with a nondeterminate fault mode.
Lee, Berkeley 23
Conclusion
Modal models (in Ptolemy II, Statecharts, SyncCharts, Argos, etc.) provide a hierarchical mixture of imperative logic and declarative composition.
Humans are very capable of reasoning both imperatively (algorithms, recipes, etc.) and declaratively (equations, synchronous composition, etc.). We use these reasoning tools for different (complementary) tasks.
Hybrid systems combine such reasoning: Declarative differential equations, Imperative FSMs. The abstract semantics given here generalizes them to other MoCs.
Lee, Berkeley 24
Acknowledgments Contributors to the modal model mechanisms in Ptolemy II:
Thomas Huining Feng Xiaojun Liu Haiyang Zheng
Graphical editor in Vergil for state machines: Stephen Neuendorffer Hideo John Reekie
Semantics of modal time: Joern Janneck Stavros Tripakis
Online interactive examples and Ptolemy II infrastructure: Christopher Brooks
Other: David Hermann & Zoltan Kemenczy (from RIM): transition refinements Jie Liu: hybrid systems Ye Zhou: modal dataflow models
Lee, Berkeley 25
Syntax of AND StatesIn Statecharts, communication between concurrent state machines is specified by name matching.
Example from Reinhard von Hanxleden, Kiel University
Communication path Can you tell whether there is feedback?
(This might be called the modal model meta model muddle).